Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®

Published byGladys Barber Modified over 9 years ago

Similar presentations

Presentation on theme: "Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®"— Presentation transcript:

1 Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®

2 Page 1 3GPP2-S00-20010611-046A Secrecy and Integrity Control Security (Secrecy/Privacy) of Users’ Information u Any information generated by or for a user, for any IP multimedia application, shall be provided with strong privacy and secrecy Security against modifying Users’ Messages (Integrity) u Any information generated by or for a user for any IP multimedia application, shall be provided with integrity and be protected from any unauthorized modification Security of Users’ Profile u Users’ Profile, Identity, Location & Signaling shall not be leaked out at any cost both, by visiting or home network to unauthorized agency. It demands security algorithms to be interoperable and compatible worldwide and yet to be trustworthy.

3 Page 2 3GPP2-S00-20010611-046A Security against Misusing Services Authentication at the Start of Session u Security algorithm shall authenticate the users right at the start of the session and immediately terminate the unauthorized users to prevent network resources from being unnecessarily engaged Secured QoS u Security algorithm shall refrain the users to steal QoS of contemporary users Protection against Malicious Adversary for Misusing Services u Network shall be robust & shall not allow any false & unregistered user to have fraudulent access to services and cheat the network operator Protection against Customer Fraud u Network shall be robust & shall not allow fraudulent impersonation to steal services and cheat the other users

4 Page 3 3GPP2-S00-20010611-046A Security against sabotaging Network Performance Protection against Attacks u viral attacks that may lead to impair/corrupt database or ruin operator’s reputation u All infrastructure equipment shall be protected from any sort of attacks that may corrupt the database or impair Network performance Protection against unauthorised modifications in network database u unauthorised modification of database u unauthorised modification that registered user may do while downloading services like OTASPA or SAT.

5 Page 4 3GPP2-S00-20010611-046A Security against sabotaging Network Infrastructure Secure Infrastructure between Network Operators u There shall be a secure infrastructure between network operators. Secure Infrastructure against All Users u There shall be a secure infrastructure against users SIM/RUIM Safety u SIM/RUIM be protected against any unauthorized modification of user-related data which is stored or processed by a provider. Protection against Theft u Network shall determine the stolen terminals and bar them from accessing 3G services.

6 Page 5 3GPP2-S00-20010611-046A Security of User Information Confidentiality u Any information related to users - protection against any unauthorized disclosure Integrity u Any information related to users shall be protected against any unauthorized modification Security of Users’ Profile u Users’ Profile, Identity, Location & Signaling shall be protected by Visiting and Home network from unauthorized agency

7 Page 6 3GPP2-S00-20010611-046A Security of Message Traversed Across Network Confidentiality u Any information traveled over the network (RAN and Core) shall be protected against any unauthorized disclosure Integrity u Any information traveled over the network (RAN and Core) shall be protected against any unauthorized modification Peer-to-peer Authentication u Network must be capable of authenticating the sender of the packets

8 Page 7 3GPP2-S00-20010611-046A Security of Network Infrastructure Secure Infrastructure between Network Operators Secure Infrastructure against Malicious Users SIM/RUIM Safety u SIM/RUIM be protected against any unauthorized modification of user-related data which is stored or processed by a provider.

9 Page 8 3GPP2-S00-20010611-046A Security of Network Database Protection against Attacks u protect against viral attacks that may lead to impair/corrupt database or ruin operator’s reputation u All infrastructure equipment - protection from any sort of attacks that may corrupt network databases Protection against unauthorised modifications in network database u protection from any unauthorised modification of database by intruders u unauthorised modification that registered user may do while downloading services like OTASPA or SAT.

10 Page 9 3GPP2-S00-20010611-046A Security of Services User Authentication u security mechanism to authenticate the users right at the start of the session and immediately terminate the unauthorized users from being engaged network network resources and services Protection of QoS Services u protection to prevent misuse of QoS Services (e.g., steal QoS from others, etc.) Protection against Malicious Adversary of Misusing Services u protection from any false & unregistered user from using network

11 Page 10 3GPP2-S00-20010611-046A Security of Services (cont.) Protection against Customer Fraud u fraudulent impersonation of stealing services from other users Protection against Theft u guarding access of 3G services Protection of Denial of Services u attacks (e.g., viral attack) that may lead to impair network from providing services or to totally disable services

12 Page 11 3GPP2-S00-20010611-046A Detection Of Security Breaches Intelligent Security Algorithm and Audit Data u detecting security breaches through monitoring/recording subscribers usage pattern and their traffic details in the event when security violation incident had occurred u trace the origin of unauthorized user, keep record (Audit Data) Protection of Audit Data

13 Page 12 3GPP2-S00-20010611-046A Other Considerations Transparent Legal Intercept u Secured tracking of possibly fair subscribers, but legal culprits shall be possible and shall be transparent to user for the purpose of Lawful Interception User’s Confidence u To enhance users' confidence on operator, they may be made able to counter check whether or not their call related information is secure. However legal intercept shall still be transparent Service Interruption for Defaulter u Barring services for defaulters shall also be possible

14 Page 13 3GPP2-S00-20010611-046A Other Considerations (2/2) Location/Push Services be Discretionary u Disclosure of location information of a user to the 3rd party shall be on user's discretion u Disclosure of user profile to the 3rd party for offering him push services shall be on user's discretion Future-Proof Network against Unforeseen Threats u Analyse architecture for future-proof allowing security features enhancements as demanded by new services or unforeseen threats

Download ppt "Security WG Areas of Interest FYI - Strawman Vancouver June 2001 Sprint PCS ®"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Myagmar, Gupta UIUC 2001 1 3G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.

Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Stephen S. Yau CSE465 & CSE591, Fall 2006 1 Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,

Stephen S. Yau CSE465 & CSE591, Fall Information Assurance (IA) & Security Overview Concepts Security principles & strategies Techniques Guidelines,
Applied Cryptography for Network Security

Applied Cryptography for Network Security
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.
Topics in Information Security Prof. JoAnne Holliday Santa Clara University.

Topics in Information Security Prof. JoAnne Holliday Santa Clara University.
An Introduction to Information Assurance COEN 150 Spring 2007.

An Introduction to Information Assurance COEN 150 Spring 2007.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.

Chapter 19 Security Transparencies. 2 Chapter 19 - Objectives Scope of database security. Why database security is a serious concern for an organization.
Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Review security basic concepts IT 352 : Lecture 2- part1 Najwa AlGhamdi, MSc – 2012 /1433.

Similar presentations

Ads by Google